From 3a049280795aa3e02e244f81416e73ebdd3cc697 Mon Sep 17 00:00:00 2001
From: Dominik Polakovics
Date: Tue, 5 Dec 2023 16:53:05 +0100
Subject: [PATCH] fix unbound
---
 hosts/fw.cloonar.com/modules/unbound.nix | 105 +++++++++++------------
 1 file changed, 52 insertions(+), 53 deletions(-)
diff --git a/hosts/fw.cloonar.com/modules/unbound.nix b/hosts/fw.cloonar.com/modules/unbound.nix
index 42e566e..630425d 100644
--- a/hosts/fw.cloonar.com/modules/unbound.nix
+++ b/hosts/fw.cloonar.com/modules/unbound.nix
@@ -3,7 +3,7 @@ let
 cids = import ../modules/staticids.nix;
 domain = "ns.cloonar.com";
 cfg = {
- control-enable = true;
+ control-enable = "yes";
 server = {
 interface = [ "0.0.0.0" "::0" ];
 interface-automatic = "yes";
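Review bot: `control-enable` sits directly under `cfg` rather than inside a `remote-control` attribute set, and in unbound.conf that option belongs to the `remote-control:` clause, so it is worth checking that the generated config enables the control channel where intended. Because this is the firewall host and the resolver listens on `0.0.0.0`/`::0`, I would also pin the control channel to a local socket instead of a TCP listener, e.g. `remote-control = { control-enable = true; control-interface = "/run/unbound/unbound.ctl"; };` (NixOS also offers `services.unbound.localControlSocketPath`, if the module version in use has it). The `cfg` set starts and ends outside this hunk, so an existing `remote-control` block may simply not be visible here.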
@@ -131,57 +131,6 @@ let
 }
 ];
 };
-unbound-sync = {
- enable = true;
- path = with pkgs; [ unbound inotify-tools ];
- script = ''
- function readFile() {
- if [[ "''\$2" == "A" ]] ; then
- cat "''\$1" | tail -n +2 | while IFS=, read -r address hwaddr client_id valid_lifetime expire subnet_id fqdn_fwd fqdn_rev hostname state user_context
- do
- echo "''\${address},''\${hostname}"
- done
- else
- cat "''\$1" | tail -n +2 | while IFS=, read -r address duid valid_lifetime expire subnet_id pref_lifetime lease_type iaid prefix_len fqdn_fwd fqdn_rev hostname hwaddr state user_context hwtype hwaddr_source
- do
- echo "''\${address},''\${hostname}"
- done
- fi
- }
-
- function readFileUnique() {
- readFile "''\$1" ''\$2 | uniq | while IFS=, read -r address hostname
- do
- if [[ "''\${hostname}" == *.cloonar.com ]] ; then
- echo ''\${hostname} ''\$2 ''\${address}
- unbound-control local_data ''\${hostname} ''\$2 ''\${address}
- if [[ "''\$2" == "A" ]] ; then
- echo ''\${address} | while IFS=. read -r ip0 ip1 ip2 ip3
- do
- unbound-control local_data ''\${ip3}.''\${ip2}.''\${ip1}.''\${ip0}.ip4.arpa. PTR ''\${hostname}
- unbound-control local_data ''\${ip3}.''\${ip2}.''\${ip1}.''\${ip0}.in-addr.arpa. PTR ''\${hostname}
- done
- fi
- fi
- done
- }
-
- function syncFile() {
- readFileUnique "''\$1" "''\$2"
- while inotifywait -e close_write,create "''\$1" ; do
- readFileUnique "''\$1" "''\$2"
- done
- }
-
- syncFile "/var/lib/kea/dhcp4.leases" A &
- # syncFile "/var/lib/kea/dhcp6.leases" AAAA &
- wait
- '';
- wants = [ "network-online.target" "unbound.service" ];
- after = [ "network-online.target" "unbound.service" ];
- partOf = [ "unbound.service" ];
- wantedBy = [ "multi-user.target" ];
-};
 in {
 users.users.unbound = {
 group = "unbound";
@@ -241,7 +190,57 @@ in { enable = true; settings = cfg; }; - systemd.services.unbound-sync = unbound-sync; + systemd.services.unbound-sync = { + enable = true; + path = with pkgs; [ unbound inotify-tools ]; + script = '' + function readFile() { + if [[ "''\$2" == "A" ]] ; then + cat "''\$1" | tail -n +2 | while IFS=, read -r address hwaddr client_id valid_lifetime expire subnet_id fqdn_fwd fqdn_rev hostname state user_context + do + echo "''\${address},''\${hostname}" + done + else + cat "''\$1" | tail -n +2 | while IFS=, read -r address duid valid_lifetime expire subnet_id pref_lifetime lease_type iaid prefix_len fqdn_fwd fqdn_rev hostname hwaddr state user_context hwtype hwaddr_source + do + echo "''\${address},''\${hostname}" + done + fi + } + + function readFileUnique() { + readFile "''\$1" ''\$2 | uniq | while IFS=, read -r address hostname + do + if [[ "''\${hostname}" == *.cloonar.com ]] ; then + echo ''\${hostname} ''\$2 ''\${address} + unbound-control local_data ''\${hostname} ''\$2 ''\${address} + if [[ "''\$2" == "A" ]] ; then + echo ''\${address} | while IFS=. read -r ip0 ip1 ip2 ip3 + do + unbound-control local_data ''\${ip3}.''\${ip2}.''\${ip1}.''\${ip0}.ip4.arpa. PTR ''\${hostname} + unbound-control local_data ''\${ip3}.''\${ip2}.''\${ip1}.''\${ip0}.in-addr.arpa. PTR ''\${hostname} + done + fi + fi + done + } + + function syncFile() { + readFileUnique "''\$1" "''\$2" + while inotifywait -e close_write,create "''\$1" ; do + readFileUnique "''\$1" "''\$2" + done + } + + syncFile "/var/lib/kea/dhcp4.leases" A & + # syncFile "/var/lib/kea/dhcp6.leases" AAAA & + wait + ''; + wants = [ "network-online.target" "unbound.service" ]; + after = [ "network-online.target" "unbound.service" ]; + partOf = [ "unbound.service" ]; + wantedBy = [ "multi-user.target" ]; + }; system.stateVersion = "23.05"; }; };